Lucene search
K

35 matches found

EUVD
EUVD
added 2026/04/01 6:36 p.m.2 views

EUVD-2026-17966

A vulnerability was identified in Enter Software Iperius Backup up to 8.7.2. This impacts an unknown function of the file IperiusAccounts.ini. Such manipulation leads to use of hard-coded cryptographic key . The attack must be carried out locally. This attack is characterized by high complexity...

2.5CVSS5.2AI score0.00099EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/03/26 11:3 p.m.4 views

CVE-2026-4824

A vulnerability has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this issue is some unknown functionality of the component Backup Job Configuration File Handler. The manipulation leads to improper privilege management. The attack must be carried out locally. The attack is...

7.3CVSS6.1AI score0.00136EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/19 8:27 a.m.4 views

CVE-2026-27069 WordPress Soledad theme <= 8.7.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through = 8.7.2...

6.5CVSS5.5AI score0.0013EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:27 a.m.4 views

CVE-2026-27069

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through = 8.7.2...

5.5AI score0.0013EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/10 6:32 a.m.7 views

EUVD-2026-1859

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.7.2. This is due to a misconfigured authorization check on the 'getShipItemFullText' function which only verifies that a user has the...

4.3CVSS5.1AI score0.00193EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/16 8:13 a.m.3 views

CVE-2025-68066 WordPress Soledad theme <= 8.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign Soledad soledad allows PHP Local File Inclusion.This issue affects Soledad: from n/a through = 8.7.0...

6.7AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/18 9:6 p.m.6 views

CVE-2025-36118

IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request...

7.5CVSS6.4AI score0.00322EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/28 2:38 a.m.12 views

CVE-2025-62930

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows DOM-Based XSS.This issue affects MapSVG: from n/a through = 8.7.22...

6.5CVSS5.9AI score0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/27 1:34 a.m.10 views

CVE-2025-62930 WordPress MapSVG plugin <= 8.7.22 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows DOM-Based XSS.This issue affects MapSVG: from n/a through = 8.7.22...

6.5CVSS0.00186EPSS
Exploits0References1
CVE
CVE
added 2025/10/27 1:34 a.m.11 views

CVE-2025-62930

CVE-2025-62930 concerns WordPress MapSVG plugin MapsVG-Lite-Interactive-Vector-Maps. Affected software: MapSVG (MapsVG) – Vector maps, Image maps, Google Maps; vulnerable component: mapsvg-lite-interactive-vector-maps. Root cause: improper neutralization/validation of input during web page genera...

6.5CVSS5.9AI score0.00186EPSS
Exploits0References1
Hacker One
Hacker One
added 2025/10/21 7:39 a.m.15 views

curl: Buffer Overflow in WebSocket Handshake (lib/ws.c:1287)

Summary: Buffer overflow vulnerability in curl's WebSocket implementation due to unsafe use of strcpy in the handshake process. The vulnerability is located at lib/ws.c:1287 where strcpykeyval, randstr is called without proper bounds checking, despite having a bounds check earlier in the code. AI...

7.5AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/08/18 1:39 p.m.4 views

CVE-2025-36120 IBM Storage Virtualize privilege escalation

IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources...

8.8CVSS7AI score0.00276EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/08/16 12:0 a.m.9 views

WordPress plugin Soledad 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

7.3CVSS7.8AI score0.00318EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.6 views

PT-2024-33683

Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.14.6 SuiteCRM versions prior to 8.7.1 Description: The issue arises from the way SuiteCRM checks PHP scripts against a blacklist of functions and methods to prevent the installation of malicious MLPs. However, thi...

7.2CVSS5.8AI score0.00492EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/03/18 12:0 a.m.5 views

LDAP Account Manager Injection Vulnerability

LDAP Account Manager is a web front-end for managing entries e.g. users, groups, DHCP settings stored in LDAP directories. A security vulnerability exists in LDAP Account Manager LAM versions prior to 8.7, which stems from a logging configuration that allows arbitrary paths to be specified for lo...

7.9CVSS7AI score0.17868EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/16 12:0 a.m.5 views

PT-2024-14034 · Hypr · Hypr Workforce Access

Name of the Vulnerable Software and Affected Versions: HYPR Workforce Access versions prior to 8.7 Description: The issue is related to an Improper Input Validation vulnerability in HYPR Workforce Access on Windows, which allows Path Traversal. Recommendations: For versions prior to 8.7, update t...

7CVSS7.1AI score0.00187EPSS
Exploits0References5
OSV
OSV
added 2023/10/04 4:15 a.m.2 views

CVE-2023-30735

Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant...

3.3CVSS5.8AI score0.0013EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/07/20 12:0 a.m.5 views

eNdonesia SQL注入漏洞

endonesia eNdonesia is an all-in-one social tool from endonesia. A security vulnerability exists in eNdonesia version 8.7, which stems from an SQL injection in diskusi.php that allows an attacker to execute arbitrary SQL commands via the rid= parameter...

9.8CVSS9AI score0.01057EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/07/19 12:0 a.m.4 views

PT-2023-26037 · Unknown · Intergard Sgs

Name of the Vulnerable Software and Affected Versions: Intergard SGS version 8.7.0 Description: A vulnerability has been found in the Change Password Handler component, which can be exploited to cause a denial of service. The attack can be launched remotely. The vendor was contacted about this...

6.5CVSS7.1AI score0.00847EPSS
Exploits1References8
CNNVD
CNNVD
added 2023/07/19 12:0 a.m.5 views

Intergard SGS 授权问题漏洞

Intergard SGS is a security appliance from Brazilian company Intergard. An authorization issue vulnerability exists in Intergard SGS version 8.7.0, which stems from the presence of unknown functionality in the application, resulting in a privilege issue...

9.8CVSS6.9AI score0.00775EPSS
Exploits1References4
Rows per page
Query Builder